THE Centre for Cybersecurity Belgium (CCB) issued a warning that threat actors are exploiting a critical-severity Windows Netlogon vulnerability, tracked as CVE-2026-41089, which carries a CVSS score of 9.8. This security flaw, disclosed on May 12 during Microsoft's Patch Tuesday, is a stack-based buffer overflow that allows unauthenticated attackers to execute code on a Windows server acting as a domain controller by sending crafted network requests.
Successful exploitation grants attackers system privileges without prior access. Despite multiple vulnerabilities being flagged during the May 2026 update, this specific flaw was not initially highlighted as a likely target. Organizations are advised to patch this vulnerability immediately due to its critical nature and the current active exploitation in the wild.